14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Maintaining Security in Firm Real-Time Database Systems

Quazi N. Ahmed and Susan V. Vrbsky

Many real-time database systems, such as military institutions and government agencies, are contained in environments that exhibit restricted access of information, where mandatory access control for security is required. Hence, in addition to timing constraints, real-time database systems have security constraints. Conventional multi-level secure database models are inadequate for time-critical applications and conventional real-time database models do not support security constraints. The objective of this work is to incorporate security constraints in real-time database systems in such a way that not only is security achieved, but achieving security does not degrade real-time performance significantly in terms of deadlines missed. We propose a new optimistic concurrency control algorithm for secure firm real-time databases. Results show that the algorithm performs fairly well in terms of security and timeliness compared to a non-secure algorithm. We argue and show that achieving more security does not necessarily mean more sacrifice in real-time performance.